Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/02/06 4:5 a.m.7 views

CVE-2021-40409

An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.13620121102. At 1 or 2, based on DDNS type, the ddns-password variable, that has the value of the password parameter provided through the SetDdns API, is not validated properly. Th...

9.8CVSS7.4AI score0.03657EPSS
Exploits1References3
Circl
Circl
added 2022/01/28 10:22 p.m.7 views

CVE-2021-40409

creationtimestamp| type| source ---|---|--- 2022-01-28 22:22:10+00:00| seen| https://t.me/cibsecurity/36486...

9.8CVSS8.6AI score0.03657EPSS
Exploits1References1
OSV
OSV
added 2022/01/28 8:15 p.m.4 views

CVE-2021-40409

An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.13620121102. At 1 or 2, based on DDNS type, the ddns-password variable, that has the value of the password parameter provided through the SetDdns API, is not validated properly. Th...

9.8CVSS7.3AI score0.03657EPSS
Exploits1References1
NVD
NVD
added 2022/01/28 8:15 p.m.17 views

CVE-2021-40409

An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.13620121102. At 1 or 2, based on DDNS type, the ddns-password variable, that has the value of the password parameter provided through the SetDdns API, is not validated properly. Th...

9.8CVSS0.03657EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/01/28 7:10 p.m.20 views

CVE-2021-40409

An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.13620121102. At 1 or 2, based on DDNS type, the ddns-password variable, that has the value of the password parameter provided through the SetDdns API, is not validated properly. Th...

9.1CVSS10AI score0.03657EPSS
Exploits1References1
CVE
CVE
added 2022/01/28 7:10 p.m.63 views

CVE-2021-40409

CVE-2021-40409 affects Reolink RLC-410W (v3.0.0.136_20121102). The vulnerability is OS command injection in the device network settings via several APIs (SetDdns, SetLocalLink, SetDevName). The root cause is improper validation of input fields (ddns.password, ddns.domain/username, dns1/dns2, devn...

9.8CVSS9.8AI score0.03657EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/01/28 7:10 p.m.5 views

CVE-2021-40409

An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.13620121102. At 1 or 2, based on DDNS type, the ddns-password variable, that has the value of the password parameter provided through the SetDdns API, is not validated properly. Th...

9.1CVSS10AI score0.03657EPSS
Exploits1References1
Rows per page
Query Builder